package com.soso.confidant.action;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
import com.qq.oauth.Token;
import com.qq.util.App;
import com.qq.util.ParseString;
import com.qq.util.Verify;
import com.soso.confidant.util.XMLHelper;

public class CallAction implements ServletRequestAware,ServletResponseAware{
	
	private HttpServletRequest request;
	private HttpServletResponse response;
	private String oauth_token;
	private String openid;
	private String oauth_signature;
	private String oauth_vericode;
	private String timestamp;
	
	public String execute() throws IOException {
		PrintWriter out = response.getWriter();
		Verify verify = Verify.getInstance();
		/**
		 * QQ互联登录，授权成功后会回调此地址
		 * 必须要用授权的request token换取access token
		 * 访问QQ互联的任何资源都需要access token
		 * 目前access token是长期有效的，除非用户解除与第三方绑定
		 * 如果第三方发现access token失效，请引导用户重新登录QQ互联，授权，获取access token
		 */
		//http://homepage.sosolabs.com/call?oauth_token=14162898880223603901&openid=F08332A45A14FEC1CFFA452E4E6FCACE&oauth_signature=9wEyosuYRa52LMOjrkuIfMgu%2FKY%3D&oauth_vericode=786730574&timestamp=1305018289
		//授权成功后，会返回用户的openid
		//检查返回的openid是否是合法id
		if(!verify.VerifyOpenID(openid, timestamp, oauth_signature, App.appkey)){
			out. println("openid verify false!");
		}

		//tips
		//这里已经获取到了openid，可以处理第三方账户与openid的绑定逻辑
		//但是我们建议第三方等到获取accesstoken之后在做绑定逻辑

		//用授权的request token换取access token
		Token token = new Token();
		String oauth_token_secret = (String)request.getSession().getAttribute("oauth_token_secret");
		//out.println(oauth_token_secret);
		//out.println(oauth_vericode);
		String access_token = token.getAccessToken(App.appid, App.appkey, oauth_token, oauth_token_secret, oauth_vericode);
		//out.println(access_token);
		HashMap<String, String> tokens = ParseString.ParseTokenString(access_token);
		
		//error
		if (tokens.get("error_code")!=null){
		    out.println(tokens.get("error_code"));
		}
		
		//获取access token成功后也会返回用户的openid
		//我们强烈建议第三方使用此openid
		//检查返回的openid是否是合法id
		if(!verify.VerifyOpenID(tokens.get("openid"), tokens.get("timestamp"), tokens.get("oauth_signature"), App.appkey)){
			out.println("openid verify false2!");
		}
		//将access token，openid保存!!
		oauth_token = tokens.get("oauth_token");
		oauth_token_secret = tokens.get("oauth_token_secret");
		openid = tokens.get("openid");
		
		String userinfo_xml = token.getUserInfo(App.appid, App.appkey, oauth_token, oauth_token_secret, openid, "xml");
		//out.println(userinfo_xml);
		HashMap<String, String> userinfo = XMLHelper.getInstance().Xml2UserInfo(userinfo_xml);
		//第三方处理用户绑定逻辑
		//将openid与第三方的帐号做关联
		//bind_to_openid();
		request.getSession().setAttribute("islogin", 1);
		request.getSession().setAttribute("openid", openid);
		request.getSession().setAttribute("nickname", new String(userinfo.get("nickname").getBytes("ISO-8859-1"),"UTF-8"));
		
		response.setContentType("text/html");
		out.println("<script>");
		out.println("window.opener.location.reload();");
		out.println("window.close();");
		out.println("</script>");
		out.flush();
		out.close();
		return null;
	}
	
	public void setServletRequest(HttpServletRequest request) {
		this.request = request;
	}
	public void setServletResponse(HttpServletResponse response) {
		this.response = response;
	}

	public HttpServletRequest getRequest() {
		return request;
	}

	public void setRequest(HttpServletRequest request) {
		this.request = request;
	}

	public HttpServletResponse getResponse() {
		return response;
	}

	public void setResponse(HttpServletResponse response) {
		this.response = response;
	}

	public String getOauth_token() {
		return oauth_token;
	}

	public void setOauth_token(String oauth_token) {
		this.oauth_token = oauth_token;
	}

	public String getOpenid() {
		return openid;
	}

	public void setOpenid(String openid) {
		this.openid = openid;
	}

	public String getOauth_signature() {
		return oauth_signature;
	}

	public void setOauth_signature(String oauth_signature) {
		this.oauth_signature = oauth_signature;
	}

	public String getOauth_vericode() {
		return oauth_vericode;
	}

	public void setOauth_vericode(String oauth_vericode) {
		this.oauth_vericode = oauth_vericode;
	}

	public String getTimestamp() {
		return timestamp;
	}

	public void setTimestamp(String timestamp) {
		this.timestamp = timestamp;
	}
}
